Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/foHcLlNALNNPD8rdk1-CYRMHuMc.roa
File:                     foHcLlNALNNPD8rdk1-CYRMHuMc.roa (raw, json)
Hash identifier:          agin7EJnGDnhi6UHLUR1N+QkvtDyyi3HItLatHWhP20=
Subject key identifier:   7E:81:DC:2E:53:40:2C:D3:4F:0F:CA:DD:93:5F:82:61:13:07:B8:C7
Certificate issuer:       /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial:       01891D9A2DDE3C4D26C5F0463E8DB7AD414A
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/foHcLlNALNNPD8rdk1-CYRMHuMc.roa
Signing time:             Mon 03 Jul 2023 21:13:10 +0000
ROA not before:           Mon 03 Jul 2023 21:13:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34872
IP address blocks:        62.3.50.0/24 maxlen: 24
                          45.154.97.0/24 maxlen: 24
                          194.28.98.0/23 maxlen: 24
                          2a0c:b641:540::/44 maxlen: 48
                          2a0c:b641:30::/44 maxlen: 48
                          2a0c:b641:10::/44 maxlen: 48
                          2a0f:8400::/32 maxlen: 48
                          2a0c:b641::/44 maxlen: 48
                          2a0c:b640::/32 maxlen: 48
                          2a0c:b641:70f::/48 maxlen: 48

Validation:               Failed, certificate revoked on Sun 03 Dec 2023 15:32:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:1d:9a:2d:de:3c:4d:26:c5:f0:46:3e:8d:b7:ad:41:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05976801363d375786152e4d061e75c8beb35058
        Validity
            Not Before: Jul  3 21:13:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7e81dc2e53402cd34f0fcadd935f82611307b8c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:4c:c2:c6:1e:c8:94:97:0a:d8:6e:1c:89:0c:
                    3c:53:e5:92:eb:0a:28:5f:fd:ae:45:64:1b:15:64:
                    f1:19:bf:3a:9a:7b:25:47:56:c4:91:71:c9:52:25:
                    3d:73:12:07:b3:04:94:c7:c6:f8:92:6d:36:38:ce:
                    77:a8:86:c7:11:f2:83:a2:1b:9b:66:d7:93:4c:70:
                    49:7f:58:25:b7:37:49:56:49:6e:82:4c:04:3a:6d:
                    3a:6e:35:3b:46:dc:1d:72:99:2d:56:32:cf:08:3a:
                    f8:94:7d:0a:f4:f4:25:0d:66:a5:e5:cb:7b:e2:b7:
                    b4:51:27:32:45:d9:78:7b:9e:b5:f0:7e:74:ee:29:
                    29:7a:38:db:63:20:7b:be:8d:84:2f:31:ca:c0:11:
                    ab:09:88:35:76:8d:d1:27:36:f1:5e:07:19:86:a6:
                    12:c4:b6:ff:51:4a:97:10:0b:28:fd:29:03:e8:a2:
                    71:05:7f:2d:f9:17:46:35:d0:c5:25:ec:4e:65:df:
                    0d:61:d1:0c:06:cb:2f:30:69:4a:18:63:ce:e8:8b:
                    64:84:88:be:e2:6a:ad:d7:32:0d:fd:42:3a:99:2f:
                    5d:87:07:31:49:18:ef:77:68:31:82:82:f8:83:bd:
                    32:31:e0:77:5b:a4:1f:15:e4:f2:5e:e7:58:29:10:
                    70:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:81:DC:2E:53:40:2C:D3:4F:0F:CA:DD:93:5F:82:61:13:07:B8:C7
            X509v3 Authority Key Identifier:
                keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/foHcLlNALNNPD8rdk1-CYRMHuMc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.154.97.0/24
                  62.3.50.0/24
                  194.28.98.0/23
                IPv6:
                  2a0c:b640::-2a0c:b641:1f:ffff:ffff:ffff:ffff:ffff
                  2a0c:b641:30::/44
                  2a0c:b641:540::/44
                  2a0c:b641:70f::/48
                  2a0f:8400::/32

    Signature Algorithm: sha256WithRSAEncryption
         82:ec:eb:35:73:26:98:83:d4:38:8d:3f:3e:9a:04:b0:fc:b3:
         67:9c:fb:a4:07:8a:78:87:60:a8:14:34:d8:61:33:22:10:4b:
         39:3c:bf:45:76:79:be:0d:38:dc:e8:8e:47:38:fc:c3:9f:8e:
         14:19:e6:45:77:6e:70:4e:d3:ed:51:e8:35:60:52:57:e2:9b:
         ce:60:45:6b:0f:65:8a:71:29:17:8b:1e:25:88:a4:b3:6c:41:
         5c:ef:53:82:9b:69:15:ed:77:e7:ec:63:23:65:ab:35:fb:92:
         af:06:03:13:2e:f3:3c:82:b7:aa:29:3a:2a:bd:2a:85:86:da:
         ac:e4:26:79:11:10:c1:3c:05:d0:9b:52:9a:bc:29:1b:02:49:
         d5:99:35:2b:ad:bd:ab:eb:cb:4c:56:5f:a3:e9:90:a5:63:fa:
         7e:69:19:4d:52:d0:74:33:16:ab:ab:a5:3e:a3:01:e6:e0:8a:
         1f:aa:ba:78:98:24:d7:0b:dc:93:e8:7e:e3:b7:47:09:44:e2:
         71:4b:de:e2:d3:30:0e:c4:69:60:c5:d2:44:2c:33:09:e4:b7:
         01:3a:60:3e:15:51:ad:41:5d:38:af:ef:f1:ce:f7:4e:bb:ca:
         cd:17:1a:ca:34:f9:60:69:72:fa:d0:2d:e3:a7:a3:c2:28:52:
         5b:53:7f:7b
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYkdmi3ePE0mxfBGPo23rUFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwNzAzMjExMzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTgxZGMyZTUzNDAyY2QzNGYwZmNhZGQ5MzVmODI2MTEzMDdiOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEzCxh7IlJcK2G4ciQw8U+WS6woo
X/2uRWQbFWTxGb86mnslR1bEkXHJUiU9cxIHswSUx8b4km02OM53qIbHEfKDohub
ZteTTHBJf1gltzdJVklugkwEOm06bjU7RtwdcpktVjLPCDr4lH0K9PQlDWal5ct7
4re0UScyRdl4e5618H507ikpejjbYyB7vo2ELzHKwBGrCYg1do3RJzbxXgcZhqYS
xLb/UUqXEAso/SkD6KJxBX8t+RdGNdDFJexOZd8NYdEMBssvMGlKGGPO6ItkhIi+
4mqt1zIN/UI6mS9dhwcxSRjvd2gxgoL4g70yMeB3W6QfFeTyXudYKRBwDQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFH6B3C5TQCzTTw/K3ZNfgmETB7jHMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvZm9IY0xsTkFMTk5QRDhyZGsxLUNZUk1IdU1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjAYBAIAATASAwQALZphAwQA
PgMyAwQBwhxiMDoEAgACMDQwEAMFBioMtkADBwUqDLZBAAADBwQqDLZBADADBwQq
DLZBBUADBwAqDLZBBw8DBQAqD4QAMA0GCSqGSIb3DQEBCwUAA4IBAQCC7Os1cyaY
g9Q4jT8+mgSw/LNnnPukB4p4h2CoFDTYYTMiEEs5PL9Fdnm+DTjc6I5HOPzDn44U
GeZFd25wTtPtUeg1YFJX4pvOYEVrD2WKcSkXix4liKSzbEFc71OCm2kV7Xfn7GMj
Zas1+5KvBgMTLvM8greqKToqvSqFhtqs5CZ5ERDBPAXQm1KavCkbAknVmTUrrb2r
68tMVl+j6ZClY/p+aRlNUtB0Mxarq6U+owHm4Iofqrp4mCTXC9yT6H7jt0cJROJx
S97i0zAOxGlgxdJELDMJ5LcBOmA+FVGtQV04r+/xzvdOu8rNFxrKNPlgaXL60C3j
p6PCKFJbU397
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org